Confluence Security Vulnerabilities and Issues — Confluence CVE List

Lucene search

AtlassianConfluence

2 matches found

CVE•added 2018/02/02 2:29 p.m.•41 views

CVE-2017-18083

The editinword resource in Atlassian Confluence Server before version 6.4.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of an uploaded file.

5.4CVSS5.2AI score0.00204EPSS

CVE•added 2017/04/10 3:59 a.m.•36 views

CVE-2016-4317

Atlassian Confluence Server before 5.9.11 has XSS on the viewmyprofile.action page.

5.4CVSS5.3AI score0.00189EPSS